Comment by zzo38computer

All I/O (including timing, date/time, internet, and everything else) should be behind permissions (although some may be permitted by default, they should still be overridable). Furthermore, all I/O should allow the user to program proxy capabilities (which can be used for testing error conditions, as well as for privacy and security, and for finer permissions, and logging, and other stuff).

However, if an app wants to make a screenshot of itself, then it could do so by emulation of itself (so no permission is needed), as long as everything it displays is rendered by its own code rather than calling other functions in the system to do so.